Internal Audit calculates risk by reviewing and analyzing key risk factors, such as: size of budget, number of employees, impact on citizens, time since last audit, results of last audit, changes in management, etc.

Internal Audit participates in both internal and external quality assurance assessments. Internal assessments include ongoing monitoring of the performance of the internal audit activity and periodic self-assessments. External assessments are done every five years or less, and are conducted by a qualified, independent audit team from outside of the organization. The County's independent audit advisory committee oversees this work. A report with findings and recommendations for improvement is issued to the Board of Supervisors and is posted on this website. (See “About the Office” / “Peer Review”)

The scope of an audit refers to the breadth of the review (how many processes/functions are included). Most audits include an initial planning phase in which the area’s control environment is reviewed at a high level. Areas that appear to have weak controls are selected for audit testing (i.e., included in the audit scope).

An audit finding consists of audit results and conclusions based on appropriate analysis and evaluation. (The term "observation," "issue" or "exception" may also be used in audit reports.) Audit findings may be positive (e.g., "...no duplicate payments were found...") or negative (e.g., "...vendor overpayments were found..."). Findings usually result in recommendations that will assist an area to better achieve its business objectives.

On a regular basis, Internal Audit determines the status of all open audit recommendations. Follow-up is an important part of the audit process. At the Board of Supervisor's request, Internal Audit prepares an annual report showing all recommendations outstanding for more than one year.

When complete, audit reports are usually sent to The Board of Supervisors, the County Manager, the Citizen’s Audit Advisory Committee, the audited area, and other interested parties. Reports are also available to the public on Internal Audit's web site.

The County Board of Supervisors established an Internal Audit department to provide an objective and independent assessment of the County's system of internal controls. This assessment is carried out by Internal Audit through financial, performance, and information systems audits and reviews. Internal Audit evaluates the adequacy of the internal control environment, the operating environment, related accounting, financial, and operational policies, and reports the results accordingly.

The Auditor General is an Office of the State of Arizona. It is primarily responsible for an annual audit of the financial statements produced by the County (Comprehensive Annual Financial Report).